When technology meets regulation (GDPR) - part II

Posted by Daniela Di Noi on 6/20/18 12:08 PM

Find me on:

The GDPR requirements are quite popular now. The hype is real, as much as the penalties if you don't comply with.

In the previous article, "When technology meets regulation (GDPR) - part I", by showing you a demonstration to secure your information under the General Data Protection Regulation, we have anticipated how the GDPR compliance requires a services based Digital Business Platform, such as Alfresco, to


But what is the technology behind our solution?


Ronny Timmermans, CEO at Xenit and Thijs Lemmens, Senior ECM Engineer, together with our experienced team, explain how we developed a metadata-based authorization and access control extension and how to improve Alfresco Access Control List (ACL) lists.

In a nutshell, classical Access Control Lists (ACL) systems, like the one in Alfresco, are powerful for fine grained access control, but cumbersome to maintain and too simple in expressiveness. There is no decent support of AND, OR, NOT type of access rules. Adding an additional protection layer for GDPR would require reviewing your ACL inheritance and creating an additional (oh no, not again) number of Active Directory groups to express privacy constraints. With a dynamic system of  user roles and meta-data based authorization rules, you will add a simple (GDPR) filter on top of your current access control policies.



Topics: Alfresco, Content Services, Alfresco Certified Technology, Metadata, Handling Documents, Advanced Search, GDPR, personal data, Alfred Finder, Alfred, content management, securing of processing, Searching for information

About Xenit 


Xenit is a Belgium-based IT company, official partner of Alfresco, the Digital Business Platform. Focusing on intelligent information management and passionate about productivity, Xenit enhances Alfresco capabilities with a unique approach to eliminate content chaos

Our solution Alfred is an Alfresco fully integrated suite of products for content, process and records management which can be deployed on premise or in the cloud. The solution leverages and enriches Alfresco Content and Process Services, through

  • GUI (graphical user interface): Alfred offers Windows desktop native and web user interfaces, with focus on the search experience 
  • An open set of API’s (Integration layer): to isolate business application development from Alfresco platform upgrades.
  • Storage: for multi million legal and active archive
  • Monitoring: with full and transparent reporting of errors and status


Subscribe to Email Updates

Recent Posts